Standards have developed to ensure that, as the number of computer accounts increases, personal accounts will remain unique, so that they may continue to serve as a means of locating an Internet Protocol (IP) destination address for an individual account owner. “JohnSmith@domain.example” is an exemplary personal account name. The portion of this account name to the right of the “@” symbol is called a Domain Name (DN). The portion to the left of the “@” symbol of the exemplary account name is a user name. Such a personal account name may be used for, but is not limited to, the purpose of communicating by electronic mail (email), communicating by Instant Messaging (IM), accessing a single sign-on service, accessing a digital wallet service, accessing restricted web pages, conducting a Voice over IP session, conducting a video conferencing session, conducting a white-boarding session, conducting a real time web meeting, or any other web service.
Some observers have estimated that there are more than 60 million domain names in operation, and yet the stylistic freedom in choosing an account name for the individual account owner is typically severely restricted. In the example cited above, the exemplary domain name is “domain.example”. The portion of this domain name to the right of the period is called a Top Level Domain or TLD. There is not much creativity allowed in the choice of a TLD because there are only a few hundred TLDs that are permitted within industry standards. The name to the left of the period in our exemplary domain name is called a Second-Level Domain or SLD. For historical reasons, most users are crowded together under a few SLDs that carry an implied TLD. For example, many millions of accounts coexist under the common domain name of their internet service providers such as “juno.com”, “aol.com”, “msn.com”, and “comcast.net”. The crowding can be even worse in domain names associated with web-based email providers such as “hotmail.com”, “gmail.com”, or “yahoo.com”. If a user wanted to create a user account under the user name “JohnSmith”, he would typically find his desired name disallowed, or unavailable, since there are thousands of people with the name John Smith on the web, and a significant fraction of them may want the same user name under the same domain name.
Some users have opted to register their own domain names. Registrars such as Network Solutions, Tucows, GoDaddy, Register, and Aplus will, for a small fee (typically about 10 dollars per year), register and maintain a domain name of the customer's own choosing, provided it is still available. The Domain Name System (DNS) is a distributed database system that returns records associated with a domain name, and is primarily responsible for returning IP addresses for a number of possible services. As appreciated by those skilled in the art, registrars usually provide a DNS server that maintains the records for servers that provide DNS services. A DNS record may indicate a web server where web pages are hosted for a web browser (referred to as an A-Record), while a Session Initiation Protocol (SIP) related record may map to services such as instant messaging services for a domain. As known to those skilled in the art, SIP-related DNS records may include SeRVice (SRV) and Naming Authority PoinTeR (NAPTR) records. A DNS entry may also include a Text record where any arbitrary text may be placed. There are basically three different services that may be narrowly provided by a service provider company. There are those who sell domains (registrars), those who offer DNS service (DNS providers), and those who offer services (service providers). While a company might prefer to do all three, to pursue more profit, domain owners have the freedom to mix and match. It is common to have all three services provided by different companies. It is also common to have all three services at the same company. It is also common to have the registrar service and the DNS provider service at the same company. It is possible to have the registrar service at one company and the DNS service at another company, but this is rare.
For small organizations or individuals, maintenance of DNS records can be confusing to the customer, and therefore, labor-intensive for the registrar to support. Evidence of this is found in the fact that some domain registrars make it difficult to transfer the domain. Naturally, small organizations would prefer live customer support, but this is costly to supply for a large customer base of potentially novice computer users. Registrars ordinarily offer hosting services as well. Some even give away domain registration if a hosting service is purchased. As hosting traffic increases, the hosting fees increase. When the traffic passes a certain threshold of activity, it is more efficient to purchase one or more dedicated servers, and to hire a dedicated staff of Information Technology (IT) experts to maintain the traffic associated with a domain.
Whether the DNS maintenance service is provided by a registrar, an independent hosting company or a dedicated IT staff, there is a disincentive to give away service to users who may want to use the domain name that an owner has registered. For example, the domain controller for an exemplary sports team such as MyTeam.com may wish to provide usernames to fans, but the cost of account initiation and management is prohibitive. This is particularly true in these days when exploits such as worms, email-borne and IM-borne viruses, spam, and phishing must be combated by the service host. Thus many desirable domain names are occupied, but underutilized. Those small organizations that register their own domain names face steep service fees that increase with activity, and in the past, the only alternative to these has been to purchase dedicated hardware and software and to develop expertise in maintaining and providing service.
As an alternative to moving all of the services associated with a domain name, certain services can be “outsourced” or performed by another remote server on the authority of the domain owner. For email outsourcing, someone may need to manually change a destination address or a host name in the Mail eXchange (MX) record of the DNS records. For IM outsourcing, someone may need to change a SIP-related record of the DNS records. This allows the traffic for email or IM respectively to be sent to an IP destination address within the web service provider. Similarly, to provide outsourced web hosting the A-Record in DNS can be updated. In all cases, the DNS provider simply points to IP addresses provided by the service provider.
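The record-by-record outsourcing described above can be audited from a zone snapshot. The following is an added example, not part of the original text: it parses constructed zone-file lines and reports whether the A, MX and SIP SRV records of a domain point at a service provider. The names `myteam.example` and `provider.example` and the address block `192.0.2.0/24` are assumptions chosen from reserved documentation ranges.

```python
import ipaddress

# Constructed zone data for illustration only (reserved example names/addresses).
ZONE = """\
myteam.example.            3600 IN A    203.0.113.10
myteam.example.            3600 IN MX   10 mx1.provider.example.
myteam.example.            3600 IN MX   20 mail.myteam.example.
_sip._tcp.myteam.example.  3600 IN SRV  0 5 5060 sip.provider.example.
myteam.example.            3600 IN TXT  "arbitrary text"
"""

PROVIDER_SUFFIX = "provider.example."                 # assumed provider host suffix
PROVIDER_NET = ipaddress.ip_network("192.0.2.0/24")   # assumed provider address block


def parse_zone(text):
    """Yield (owner, rtype, rdata_fields) for 'owner ttl IN type rdata' lines."""
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()          # drop zone-file comments
        if not line:
            continue
        owner, _ttl, _cls, rtype, *rdata = line.split()
        yield owner.lower(), rtype.upper(), rdata


def under_provider(host):
    """Match on a label boundary so 'notprovider.example.' is not accepted."""
    host = host.lower()
    return host == PROVIDER_SUFFIX or host.endswith("." + PROVIDER_SUFFIX)


def outsourced_services(text, domain):
    """Map each service to a list of (target, points_at_provider) pairs."""
    domain = domain.lower().rstrip(".") + "."
    report = {"web": [], "email": [], "im": []}
    for owner, rtype, rdata in parse_zone(text):
        if rtype == "A" and owner == domain:
            ip = ipaddress.ip_address(rdata[0])
            report["web"].append((rdata[0], ip in PROVIDER_NET))
        elif rtype == "MX" and owner == domain:
            # MX rdata: preference, exchange host
            report["email"].append((rdata[1], under_provider(rdata[1])))
        elif rtype == "SRV" and owner.startswith("_sip.") and owner.endswith("." + domain):
            # SRV rdata: priority, weight, port, target host
            report["im"].append((rdata[3], under_provider(rdata[3])))
    return report
```

In this constructed zone, email is split between the provider and the domain's own host, IM goes to the provider, and web hosting has not been outsourced.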
There are various reasons that a first party may wish to validate that a second party has control of a domain name. It may be to allow different companies to provide the different services mentioned above. The first party may be a service provider who wishes to provide one or more services for the second party under a given domain name. If control of the domain name is not validated, then domain accounts within the service provider could be snapped up by fictitious owners and so be unavailable or encumbered when the genuine owners try to outsource services. In addition, there are several other possible reasons for validation. The first party may be qualifying second party websites which have offered advertising services for certain fees. As a step in this process, the first party may desire some tangible proof that the second party controls the domain name. As a second example, the first party may be buying domain names, and may wish to validate that the second party truly has control of the domain name. As a third example, the first party may be paying for some kind of account or service to be provided by the second party in association with a domain name, and so he may wish to validate that the second party has control of the domain name before payment is made.
Validation of domain name control can be uncertain, time-consuming, and therefore costly. Where the domain is held by a large company, one could contact the company and go through administrative channels to be referred to the proper person who is authorized to control domain services. One could also access the “whois” database to determine an email account for the official domain owner. Whois describes a protocol for querying the database of domain ownership. Several organizations provide free whois database access. This database, however, is difficult to parse, and is often incomplete or inaccurate. It may contain minimal information, such as an e-mail address of an owner, who may have delegated control to others on his behalf. Moreover, some registrars offer the service of maintaining anonymity of domain ownership. The actual email account name remains private, and if email is sent to the proxy name that is listed in the whois record, the email may be falsely identified as spam by the proxy, and deleted. Anonymity potentially destroys the use of whois records. At least, anonymity service adds another level of indirection, possible failure, and delay. In many of these cases, the validation of domain name control is still a manual process.
The use of personal contact or whois records to validate domain name control is problematic when the validation needs to be performed periodically. This is particularly true for the example of the service provider who would like a frequent confirmation of domain name control during service. An ideal service provider would frequently validate the domain owner to ensure the domain hasn't been transferred or expired. Calling the contact daily (or even e-mailing them with an authentication link daily) isn't practical or scalable.